Tunnel Commands
14-130 Configuring the VPN

set peer

ThiscommandspecifiesthephysicalIPaddressoftheremoteVPNgateway.
Syntax
set peer ip-address
Syntax of the “no” Form
no set peer ip-address
Mode
Tunnelconfiguration:XSR#(config-tms-tunnel)#
Example
ThefollowingexamplesetstheIPaddressoftheremoteVPNgateway:
XSR(config)#interface vpn 57 multi-point
XSR(config-int<vpn>)#tunnel ACME_VPN
XSR#(config-tms-tunnel)#set peer ip-address 192.168.57.9

set protocol

ThiscommanddefinestheVPNtunnelingprotocol‐GenericRoutingEncapsulation(GRE)orIP
Security(IPSec)‐usedtocreatethetunnel.
IPSecacceptsoneoftwosubcommandsthatcreateaClientorNetworkExtensionmodesiteto
sitetunnel.ClientmodecreatesNATontheVPNinterfacetohidetheaddressesofthetrusted
network(attachedtoF1).IPSecsecuritypolicyencryptsdatapassingtoandfromtheIPaddress
assignedtothetunnel.NetworkextensionmodecreatesIPSecsecuritypoliciesthatencrypttraffic
flowingtothetrustednetworkviathetunnelinadditiontosecuringtrafficflowingtothetunnelʹs
assignedaddress.
Syntax
set protocol {gre | ipsec}[client-mode | network-extension-mode]
Syntax of the “no” Form
Thenoformofthiscommandnegatestheprotocolselectedearlier:
no set protocol
ip-address IPaddressofthepeer.
gre GREtunnelingprotocol.
ipsec IPSectunnelingprotocol.
client-mode InitiatesaClientmodeEZIPSectunnel.
network-extension-mode InitiatesaNEMEZIPSectunnel.